In Part I of this series, you learned about some of the things to consider before implementing EFS. BitLocker Drive Encryption has some very specific requirements so lets take a look at some of the things to consider before implementing it on a computer.

BitLocker requires local or Active Directory Group Policy modification to enable. It also has very specific hardware requirements.
There are two basic options for running BitLocker:

Option 1

  1. TPM 1.2 hardware module
  2. 1.5 GB NTFS Active System partition
  3. 50+ GB Boot partition

Option 2

  1. Generic USB data key
  2. 1.5 GB NTFS Active System partition
  3. 50+ GB Boot partition

The 1.5 GB Active System partition is where the unencrypted bare essential bootstrap files for the Vista operating system are located. The 50+ GB Boot partition is where Windows is installed and where your page files and temporary files should be located, since EFS can’t protect these things but BitLocker can.

The best way to set this up is to create a 1.5 GB partition along with a 50 GB partition when you first install Vista. However, if you have already installed Vista, you can use the BitLocker Drive Preparation Tool to automatically redo the partitions. If you have already made the 1.5 GB partition, you will still need the preparation tool to transfer the necessary files from your Windows partition to the 1.5 GB partition.

To get the BitLocker Drive Preparation Tool, you can go to Windows Update and look under Vista Ultimate Extras. There, you simply check BitLocker Drive Preparation Tool to download and install.

[rsslist:http://ah.pricegrabber.com/export_feeds.php?pid=hjehfab&document_type=rss&limit=25&topcat_id=all&category=topcat:all&col_description=1&form_keyword=vista]